CVE-2021-43070

Name of the Vulnerable Software and Affected Versions FortiWLM management interface versions 8.6.2 and below FortiWLM management interface versions 8.5.2 and below FortiWLM management interface versions 8.4.2 and below FortiWLM management interface versions 8.3.3 and below FortiWLM management interface version 8.2.2

Description The issue allows an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. This is due to multiple relative path traversal vulnerabilities in the FortiWLM management interface.

Recommendations For FortiWLM management interface versions 8.6.2 and below, update to a version above 8.6.2 to resolve the issue. For FortiWLM management interface versions 8.5.2 and below, update to a version above 8.5.2 to resolve the issue. For FortiWLM management interface versions 8.4.2 and below, update to a version above 8.4.2 to resolve the issue. For FortiWLM management interface versions 8.3.3 and below, update to a version above 8.3.3 to resolve the issue. For FortiWLM management interface version 8.2.2, update to a version above 8.2.2 to resolve the issue.